[SNOW-1881731] Add externalBrowser, oauth, okta, keypair automated authentication tests

Jenkinsfile

@@ -1,6 +1,5 @@
 import groovy.json.JsonOutput
 
-
 timestamps {
   node('regular-memory-node') {
     stage('checkout') {
@@ -13,8 +12,8 @@ timestamps {
     stage('Build') {
       withCredentials([
         usernamePassword(credentialsId: '063fc85b-62a6-4181-9d72-873b43488411', usernameVariable: 'AWS_ACCESS_KEY_ID', passwordVariable: 'AWS_SECRET_ACCESS_KEY'),
-        string(credentialsId: 'a791118f-a1ea-46cd-b876-56da1b9bc71c',variable: 'NEXUS_PASSWORD')
-        ]) {
+        string(credentialsId: 'a791118f-a1ea-46cd-b876-56da1b9bc71c', variable: 'NEXUS_PASSWORD')
+      ]) {
         sh '''\
         |#!/bin/bash -e
         |export GIT_BRANCH=${GIT_BRANCH}
@@ -23,7 +22,8 @@ timestamps {
         '''.stripMargin()
       }
     }
-    params = [
+
+    def params = [
       string(name: 'svn_revision', value: 'bptp-built'),
       string(name: 'branch', value: 'main'),
       string(name: 'client_git_commit', value: scmInfo.GIT_COMMIT),
@@ -32,23 +32,37 @@ timestamps {
       string(name: 'parent_job', value: env.JOB_NAME),
       string(name: 'parent_build_number', value: env.BUILD_NUMBER)
     ]
+
     stage('Test') {
-      build job: 'RT-LanguageDotnet-PC',parameters: params
+      parallel(
+        'Test': {
+          stage('Test') {
+            build job: 'RT-LanguageDotnet-PC', parameters: params
+          }
+        },
+        'Test Authentication': {
+          stage('Test Authentication') {
+            withCredentials([
+              string(credentialsId: 'a791118f-a1ea-46cd-b876-56da1b9bc71c', variable: 'NEXUS_PASSWORD'),
+              string(credentialsId: 'sfctest0-parameters-secret', variable: 'PARAMETERS_SECRET')
+            ]) {
+              sh '''\
+              |#!/bin/bash -e
+              |$WORKSPACE/ci/test_authentication.sh
+              '''.stripMargin()
+            }
+          }
+        }
+      )
     }
   }
 }
 
-
 pipeline {
   agent { label 'regular-memory-node' }
   options { timestamps() }
   environment {
-    COMMIT_SHA_LONG = sh(returnStdout: true, script: "echo \$(git rev-parse " + "HEAD)").trim()
-
-    // environment variables for semgrep_agent (for findings / analytics page)
-    // remove .git at the end
-    // remove SCM URL + .git at the end
-
+    COMMIT_SHA_LONG = sh(returnStdout: true, script: "echo \$(git rev-parse HEAD)").trim()
     BASELINE_BRANCH = "${env.CHANGE_TARGET}"
   }
   stages {
@@ -61,7 +75,7 @@ pipeline {
 }
 
 def wgetUpdateGithub(String state, String folder, String targetUrl, String seconds) {
-    def ghURL = "https://api.github.com/repos/snowflakedb/snowflake-connector-net/statuses/$COMMIT_SHA_LONG"
-    def data = JsonOutput.toJson([state: "${state}", context: "jenkins/${folder}",target_url: "${targetUrl}"])
-    sh "wget ${ghURL} --spider -q --header='Authorization: token $GIT_PASSWORD' --post-data='${data}'"
-}
+  def ghURL = "https://api.github.com/repos/snowflakedb/snowflake-connector-net/statuses/$COMMIT_SHA_LONG"
+  def data = JsonOutput.toJson([state: "${state}", context: "jenkins/${folder}", target_url: "${targetUrl}"])
+  sh "wget ${ghURL} --spider -q --header='Authorization: token $GIT_PASSWORD' --post-data='${data}'"
+}

Snowflake.Data.Tests/AuthenticationTests/AuthConnectionString.cs

@@ -0,0 +1,162 @@
+using System;
+using System.Collections.Generic;
+using System.Text;
+using Newtonsoft.Json.Linq;
+using NUnit.Framework;
+using System.IO;
+using Snowflake.Data.Core;
+using System.Net.Http;
+
+namespace Snowflake.Data.AuthenticationTests
+
+{
+    static class AuthConnectionString
+    {
+        public static readonly string SsoUser = Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_BROWSER_USER");
+        public static readonly string Host = Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_HOST");
+        public static readonly string SsoPassword = Environment.GetEnvironmentVariable("SNOWFLAKE_TEST_OKTA_PASS");
+
+        public static SFSessionProperties GetBaseConnectionString()
+        {
+            var properties = new SFSessionProperties()
+            {
+                {SFSessionProperty.HOST, Host },
+                {SFSessionProperty.PORT, Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_PORT") },
+                {SFSessionProperty.ROLE, Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_ROLE") },
+                {SFSessionProperty.ACCOUNT, Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_ACCOUNT") },
+                {SFSessionProperty.DB, Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_DATABASE") },
+                {SFSessionProperty.SCHEMA, Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_SCHEMA") },
+                {SFSessionProperty.WAREHOUSE, Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_WAREHOUSE") },
+            };
+            return properties;
+        }
+
+        public static string SetBaseConnectionString(SFSessionProperties parameters) =>
+            $"host={parameters[SFSessionProperty.HOST]};port={parameters[SFSessionProperty.PORT]};account={parameters[SFSessionProperty.ACCOUNT]};role={parameters[SFSessionProperty.ROLE]};db={parameters[SFSessionProperty.DB]};schema={parameters[SFSessionProperty.SCHEMA]};warehouse={parameters[SFSessionProperty.WAREHOUSE]};";
+
+
+        public static SFSessionProperties GetExternalBrowserConnectionString()
+        {
+            var properties = GetBaseConnectionString();
+            properties.Add(SFSessionProperty.AUTHENTICATOR, "externalbrowser");
+            properties.Add(SFSessionProperty.USER, Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_BROWSER_USER"));
+            return properties;
+        }
+
+        public static string SetExternalBrowserConnectionString(SFSessionProperties parameters) =>
+            $"{SetBaseConnectionString(parameters)}authenticator={parameters[SFSessionProperty.AUTHENTICATOR]};user={parameters[SFSessionProperty.USER]};";
+
+
+        public static SFSessionProperties GetOauthConnectionString(string token)
+        {
+            var properties = GetBaseConnectionString();
+            properties.Add(SFSessionProperty.AUTHENTICATOR, "OAUTH");
+            properties.Add(SFSessionProperty.USER, SsoUser);
+            properties.Add(SFSessionProperty.TOKEN, token);
+            return properties;
+        }
+
+        public static string SetOauthConnectionString(SFSessionProperties parameters) =>
+            $"{SetBaseConnectionString(parameters)}authenticator={parameters[SFSessionProperty.AUTHENTICATOR]};user={parameters[SFSessionProperty.USER]};token={parameters[SFSessionProperty.TOKEN]};";
+
+        public static SFSessionProperties GetOktaConnectionString()
+        {
+            var properties = GetBaseConnectionString();
+            properties.Add(SFSessionProperty.AUTHENTICATOR, Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_OAUTH_URL"));
+            properties.Add(SFSessionProperty.USER, SsoUser);
+            properties.Add(SFSessionProperty.PASSWORD, SsoPassword);
+
+            return properties;
+        }
+
+        public static SFSessionProperties GetKeyPairFromFileContentParameters(string privateKey)
+        {
+
+            var properties = GetBaseConnectionString();
+            properties.Add(SFSessionProperty.AUTHENTICATOR, "snowflake_jwt");
+            properties.Add(SFSessionProperty.USER, SsoUser);
+            properties.Add(SFSessionProperty.PRIVATE_KEY, privateKey);
+
+            return properties;
+        }
+
+
+        public static SFSessionProperties GetKeyPairFromFilePathConnectionString(string privateKeyPath)
+        {
+
+            var properties = GetBaseConnectionString();
+            properties.Add(SFSessionProperty.AUTHENTICATOR, "snowflake_jwt");
+            properties.Add(SFSessionProperty.USER, AuthConnectionString.SsoUser);
+            properties.Add(SFSessionProperty.PRIVATE_KEY_FILE, privateKeyPath);
+            return properties;
+        }
+        public static string SetPrivateKeyFromFileContentConnectionString(SFSessionProperties parameters) =>
+            $"{SetBaseConnectionString(parameters)}authenticator={parameters[SFSessionProperty.AUTHENTICATOR]};private_key={parameters[SFSessionProperty.PRIVATE_KEY]};user={SsoUser}";
+
+
+        public static string SetPrivateKeyFromFilePathConnectionString(SFSessionProperties parameters) =>
+            $"{SetBaseConnectionString(parameters)}authenticator={parameters[SFSessionProperty.AUTHENTICATOR]};private_key_file={parameters[SFSessionProperty.PRIVATE_KEY_FILE]};user={SsoUser}";
+
+
+        public static string SetOktaConnectionString(SFSessionProperties parameters) =>
+            $"{SetBaseConnectionString(parameters)}authenticator={parameters[SFSessionProperty.AUTHENTICATOR]};user={parameters[SFSessionProperty.USER]};password={parameters[SFSessionProperty.PASSWORD]};";
+
+
+        public static string GetPrivateKeyContentForKeypairAuth(string fileLocation)
+        {
+            string filePath = Environment.GetEnvironmentVariable(fileLocation);
+            Assert.IsNotNull(filePath);
+            string pemKey = File.ReadAllText(Path.Combine("..", "..", "..", "..", filePath));
+            Assert.IsNotNull(pemKey, $"Failed to read file: {filePath}");
+            return pemKey;
+
+        }
+
+        public static string GetPrivateKeyPathForKeypairAuth(string fileLocation)
+        {
+            string filePath = Environment.GetEnvironmentVariable(fileLocation);
+            Assert.IsNotNull(filePath);
+            return Path.Combine("..", "..", "..", "..", filePath);
+        }
+
+        public static string GetOauthToken()
+        {
+            try
+            {
+
+                using (var client = new HttpClient())
+                {
+                    var authUrl = Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_OAUTH_URL");
+                    var clientId = Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_OAUTH_CLIENT_ID");
+                    var clientSecret = Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_OAUTH_CLIENT_SECRET");
+                    var credentials = Convert.ToBase64String(Encoding.ASCII.GetBytes($"{clientId}:{clientSecret}"));
+
+                    client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Basic", credentials);
+
+                    var values = new Dictionary<string, string>
+                    {
+                        { "username", Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_OKTA_USER") },
+                        { "password", Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_OKTA_PASS") },
+                        { "grant_type", "password" },
+                        { "scope", "session:role:" + Environment.GetEnvironmentVariable("SNOWFLAKE_AUTH_TEST_ROLE") }
+                    };
+
+                    var content = new FormUrlEncodedContent(values);
+                    var response = client.PostAsync(authUrl, content).Result;
+                    response.EnsureSuccessStatusCode();
+
+                    var fullResponse = response.Content.ReadAsStringAsync().Result;
+                    var responseObject = JObject.Parse(fullResponse);
+                    Assert.IsNotNull(responseObject["access_token"]);
+                    return responseObject["access_token"].ToString();
+                }
+            }
+            catch (Exception e)
+            {
+                Assert.Fail($"Failed to get OAuth token: {e.Message}");
+                return null;
+            }
+
+        }
+    }
+}